1

I am facing a security risk when exporting & importing cookies on a Laravel setup. In short, you can log in to the project without using credentials.

Steps to reproduce:-

1) Add extension to Chrome - Edit This Cookie (link). For Firefox - Cookie Editor (link)

2) Open your Laravel setup on Firefox/Chrome. Login with correct credentials. On the top right, click on Cookie and then click on export. This action will copy all the cookies to your clipboard.

3) Open your project on another browser (different than step 2). Click on Cookie extension and click on import and paste (your cookies).

4) Refresh your /login route and you will see that after importing cookies you were able to log in without the right credentials.


Things I've tried so far:-

.env file SESSION_SECURE_COOKIE=true

config/session 'encrypt' => true,

No luck as of now. If you were not able to reproduce this, please let me know what settings you have that are different from what Laravel ships by default. Thank you for your help.

Mujahid Bhoraniya
  • 1,518
  • 10
  • 22
Digvijay
  • 7,836
  • 3
  • 32
  • 53
  • "In short, you can log in to the project without using credentials. Steps to reproduce: ... Login with correct credentials." – miken32 Mar 06 '20 at 05:10
  • @miken32 In first browser you are login with credentials. And in another browser after importing the cookies you are able to login (without credentials) – Digvijay Mar 06 '20 at 05:14
  • Yeah I get it. But if browser #1 is compromised, then you have to assume they can get the credentials directly. Web traffic is HTTPS, the SID can't be intercepted. – miken32 Mar 06 '20 at 05:16

0 Answers0